Alfresco Repository Content Encryption (AES-CBC or AES-CTR)

Increase the base level of security on your company’s files. Avoid data theft and keep your files secure by implementing repository encryption across the entire system.

The Alfresco Repository Encryption addon was developed by Skytizens to improve the base level of security in your system by encrypting all data files stored in the repository. This module eliminates a security loophole from Alfresco Enterprise and makes it impossible for even tech-savvy data thieves to access or steal sensitive data from your brand. With the repository loophole neutralized, you can rest assured that only employees with authorized access can view, move, download, and decrypt company files.

Call for Price

SKU: AD5288 Alfresco Repository Content Encryption Categories: , Tags: , ,

What is Alfresco Repository Encryption?

The Alfresco Repository Encryption addon is a crucial layer of data security that encrypts all the files stored in the Alfresco Repository. The addon ensures that nobody can decrypt files without a security key and makes it difficult to pinpoint specific information in documents without authorized access. It renders file content unreadable even after download. This module prevents data breaches and keeps company information safe by overriding the Alfresco Enterprise’s weak built-in security and replacing it with true data encryption.

Why is Alfresco Repository Encryption so important?

  • Real encryption – use real encryption instead of amateur file extension changes
  • Data security – restrict sensitive data to authorized employees only
  • Data protection –limit data handling and avoid letting sensitive files fall through the cracks
  • Close the loophole– avoid the risk of a security event and keep data in the repository safe
  • Data handling compliance– reduce the risk of data breach and comply with company and regulatory bodies

The Benefits of Alfresco Repository Encryption

The Alfresco Repository Encryption addon is a unique feature developed by Skytizens to ensure true encryption and security for all levels of data stored in the Alfresco repository. This security feature neutralizes the human readability loophole existent in Alfresco Enterprise and removes the danger of large-volume theft of files from the system. Essentially it provides a base level of security across the repository so that your company data stays protected and compliant with security procedures.

How Does It Work?

The Alfresco Repository Encryption addon protects your company data by taking the security of the repository to a higher level. The problem with Alfresco Enterprise as it is implemented by most companies is that the system does not have true built-in encryption capabilities. The only security measure of Alfresco Enterprise is that it creates date nested folders and changes the extension (to .BIN) of files saved into the repository.

The issue is that this security measure has an easy loophole.  Since Alfresco Enterprise stores all files as human-readable, people can use this loophole to access files that should be protected.  By simply navigating to the correct folder, downloading encrypted files, and changing the file name back to the original extension the file becomes accessible once again. Though the file extension may not be obvious, it is easily found in the text of the poorly secured file. Within a few minutes, the sensitive data contained in repository files can be accessed for an easy copy and paste theft.

On a single file, this loophole is dangerous enough. Unfortunately, a tech-savvy person could write a script to search headers and discover the signature file extension of multiple files at once. Batch access to the Alfresco Repository is a dangerous security weakness that can easily be taken advantage of.  The risk of data breach is high and an oversight in this case threatens compliance with company data handling regulations. A blanket implementation of data encryption over the full repository keeps data protected and access stays restricted to those with authorization and a security key for access.

Main Features

Blanket Deployment – True data encryption is applied to the full repository. Downloaded documents require a secret key to access and read the enclosed data.

Access via Security Key – Authorized personnel are given access to data files through a secret key that allows for decryption.

Permissions Control – Access to this addon is managed by Group and Role.

  1. Group Access – Permission to use the module is given by the client’s administrator by designating members of a group.
  2. Role Access – Permission to use this module on certain files is given by file managers based on role access in the system.

Conclusions

Increase the base level of security on your company’s files. Avoid data theft and keep your files secure by implementing repository encryption across the entire system.

The Alfresco Repository Encryption addon was developed by Skytizens to improve the base level of security in your system by encrypting all data files stored in the repository. This module eliminates a security loophole from Alfresco Enterprise and makes it impossible for even tech-savvy data thieves to access or steal sensitive data from your brand. With the repository loophole neutralized, you can rest assured that only employees with authorized access can view, move, download, and decrypt company files.

Alfresco Version

Alfresco Component Type

Development Status

Installation Method

Alfresco Product

Extension Point

Addon Name

Back to top